From 4e4cedb00bd7391a6dd2432f13d553b7b8298172 Mon Sep 17 00:00:00 2001 From: Luiz Otavio O Souza Date: Fri, 28 Jun 2019 22:12:43 +0000 Subject: [PATCH] Add the 'drop tagged' flag support for ethernet switch ports. This is intended to drop all 802.1q tagged packets on a port. Sponsored by: Rubicon Communications, LLC (Netgate) --- sbin/etherswitchcfg/etherswitchcfg.8 | 6 +++++- sbin/etherswitchcfg/etherswitchcfg.c | 4 ++++ sys/dev/etherswitch/etherswitch.h | 4 +++- 3 files changed, 12 insertions(+), 2 deletions(-) diff --git a/sbin/etherswitchcfg/etherswitchcfg.8 b/sbin/etherswitchcfg/etherswitchcfg.8 index 1d0559b1d60d..0695b0eddba4 100644 --- a/sbin/etherswitchcfg/etherswitchcfg.8 +++ b/sbin/etherswitchcfg/etherswitchcfg.8 @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd October 2, 2016 +.Dd June 28, 2019 .Dt ETHERSWITCHCFG 8 .Os .Sh NAME @@ -147,6 +147,10 @@ MAC addresses. Disable the first lock option. Note that sometimes you need to reset the switch to really disable this option. +.It Cm droptagged +Drop packets with a VLAN tag. +.It Fl droptagged +Disable the drop tagged packets option. .It Cm dropuntagged Drop packets without a VLAN tag. .It Fl dropuntagged diff --git a/sbin/etherswitchcfg/etherswitchcfg.c b/sbin/etherswitchcfg/etherswitchcfg.c index ce01891a76da..f3af9f93825a 100644 --- a/sbin/etherswitchcfg/etherswitchcfg.c +++ b/sbin/etherswitchcfg/etherswitchcfg.c @@ -215,6 +215,8 @@ set_port_flag(struct cfg *cfg, int argc, char *argv[]) f = ETHERSWITCH_PORT_ADDTAG; else if (strcasecmp(flag, "firstlock") == 0) f = ETHERSWITCH_PORT_FIRSTLOCK; + else if (strcasecmp(flag, "droptagged") == 0) + f = ETHERSWITCH_PORT_DROPTAGGED; else if (strcasecmp(flag, "dropuntagged") == 0) f = ETHERSWITCH_PORT_DROPUNTAGGED; else if (strcasecmp(flag, "doubletag") == 0) @@ -871,6 +873,8 @@ static struct cmds cmds[] = { { MODE_PORT, "-doubletag", 0, set_port_flag }, { MODE_PORT, "firstlock", 0, set_port_flag }, { MODE_PORT, "-firstlock", 0, set_port_flag }, + { MODE_PORT, "droptagged", 0, set_port_flag }, + { MODE_PORT, "-droptagged", 0, set_port_flag }, { MODE_PORT, "dropuntagged", 0, set_port_flag }, { MODE_PORT, "-dropuntagged", 0, set_port_flag }, { MODE_CONFIG, "vlan_mode", 1, set_vlan_mode }, diff --git a/sys/dev/etherswitch/etherswitch.h b/sys/dev/etherswitch/etherswitch.h index 27d07f39e231..de4192470dbb 100644 --- a/sys/dev/etherswitch/etherswitch.h +++ b/sys/dev/etherswitch/etherswitch.h @@ -64,8 +64,10 @@ typedef struct etherswitch_conf etherswitch_conf_t; #define ETHERSWITCH_PORT_DROPUNTAGGED (1 << 4) #define ETHERSWITCH_PORT_DOUBLE_TAG (1 << 5) #define ETHERSWITCH_PORT_INGRESS (1 << 6) +#define ETHERSWITCH_PORT_DROPTAGGED (1 << 7) #define ETHERSWITCH_PORT_FLAGS_BITS \ -"\020\1CPUPORT\2STRIPTAG\3ADDTAG\4FIRSTLOCK\5DROPUNTAGGED\6QinQ\7INGRESS" +"\020\1CPUPORT\2STRIPTAG\3ADDTAG\4FIRSTLOCK\5DROPUNTAGGED\6QinQ\7INGRESS" \ +"\10DROPTAGGED" #define ETHERSWITCH_PORT_MAX_LEDS 3